Azure Cloud Network Architect (100% hands on architect)

Notes from Manager: The person that gets this role will be super strong in (Azure virtual WAN Knowledge and Palo Alto Fire Walls)

This is a Senior role for a top tier Private Equity firm, and this position have extremely high bars - not just technically, but in terms of communication, clarity of thought, and the ability to synthesize complex information for senior leadership.

The firm is only considering people who are highly polished communicators and 110% hands on:

Senior Network Engineering Role (Azure virtual WAN / Palo Alto FOCUSED)

Deep technical execution required - architecture, troubleshooting, high level design, but still very much in the weeds daily. Someone who lives on the keyboard, not managing from a distance.

These environments require people who can operate at the intersection of elite engineering depth and executive ready communication.

Job Summary:

We are seeking an experienced and highly skilled Azure Cloud Network Architect to join our team as an individual contributor. The ideal candidate will have deep expertise in cloud networking architecture, with a strong focus on Azure Virtual WAN, Azure networking services, and secure cloud routing architectures. This role requires expert knowledge of Palo Alto firewalls (including Panorama), infrastructure-as-code (IaC) deployments, and managing network and firewall rule sets through code using modern DevOps practices.

Primary Functions & Essential Responsibilities:

Cloud Architecture & Design-

• Lead the architecture, design, and implementation of Azure network infrastructures, including Azure Virtual WAN, hub and spoke architectures, private endpoints, VNets, Firewalls, and secure connectivity patterns.
• Architect and maintain scalable, highly available cloud network topologies that support global business requirements.
• Develop reference architectures, HLDs/LLDs, and future state designs focused on Azure networking, cloud security, and automation.

Infrastructure-as-Code & Automation-

• Build and deploy Azure networking components using Terraform, Bicep, ARM, or similar IaC frameworks.
• Manage network and firewall rule sets as code, including versioning, CI/CD pipelines, policy as code, and automated validation.
• Develop self healing, automated cloud network operations leveraging Azure-native and third party tooling.

Firewall & Security-

• Architect and implement Palo Alto firewalls within Azure, including Panorama based management, rule automation, and cloud integrations.
• Perform deep packet level analysis and cloud traffic flow diagnostics to optimize security posture and performance.

Operations, Reliability & Troubleshooting-

• Provide senior level troubleshooting for escalated cloud networking and security incidents across Azure and hybrid environments.
• Optimize connectivity, performance, and resiliency for global cloud workloads and cross region architectures.
• Define metrics, reporting mechanisms, and dashboards for network health, performance, and compliance.

Cross-Functional Leadership-

• Collaborate with security engineering, cloud engineering, DevOps, and application teams to deliver secure, scalable cloud solutions.
• Lead product evaluations, proof of concepts, and vendor engagements with well defined success criteria.
• Mentor engineering teams on Azure networking, IaC patterns, Palo Alto cloud integrations, and DevOps methodology.

Documentation & Compliance-

• Maintain comprehensive documentation of cloud network designs, IaC modules, firewall policies, runbooks, and operational standards.
• Support compliance initiatives and ensure cloud networks align with regulatory and audit requirements.

Qualifications:

Certifications-

• Microsoft Azure Solutions Architect Expert or equivalent.
• Palo Alto Networks certifications (PCNSE preferred).
• Equivalent experience to CCIE-level routing/switching (certification optional in cloud-dominant role).

Skills:

Technical Skills (Must-Have):

Azure Cloud Networking

• Expert knowledge in:
  • Azure Virtual WAN (vWAN)
  • VNet design & segmentation
  • Private Link & Private Endpoints
  • Azure Firewall, Palo Alto VM-Series, Panorama
  • ExpressRoute / VPN gateways
  • Azure Load Balancing (ALB/ILB), Application Gateway, WAF

Infrastructure-as-Code / Automation-

• Terraform, Bicep, ARM, GitOps, CI/CD pipelines.
• Rule set management through code (network, NAT, security policies).

Firewall Technology-

• Expert proficiency with Palo Alto firewalls (policy design, threat profiles, packet capture, Panorama automation).

Routing & Switching-

• Strong foundation in BGP, OSPF, EVPN, cloud routing patterns, and hybrid interconnect.

SD WAN-

• Experience with cloud integrated SD WAN solutions (Prisma SD WAN preferred).

Operational Skill Set-

• Packet-level diagnostics (PCAPs, flow logs, NSG flows, Palo Alto monitors).
• Cloud monitoring solutions (Azure Monitor, Log Analytics, PAN OS logging).
• Designing self healing, auto-remediation workflows.

General Requirements-

• Excellent written and verbal communication skills.
• Strong organizational and time-management capability.
• Ability to manage multiple complex projects simultaneously.
• High attention to detail and strong documentation discipline.
• Global team collaboration experience.
• Familiarity with ITIL processes